Cisco Support Community
Community Member

ACS 5.3 & log retention question

Hi All,

We have a virtual appliance running ACS 5.3 and would like to be able to have some logs (such as RAIDUS pass/failed attempts) retained for several months.

When I look for the current logs on the appliance, it's configured for 7 days of retention and I only see about 24-48 hours worth of log data which I am guessing is due to the volume of activity we have. (I believe the logs use circular logging and a limit of 5MB?)

In order to retain a few months worth of logs, can we change the value from 7 days to 90 days without overloading the system? The current load seems to be about 1-2% of CPU but about 70-75% of memory.

Since this is a virtual appliance, can we easily add more CPU, memory, & storage to compensate for the extra logging information?  Based on this link, it sounds like it only can use 500GB.

If the virtual appliance cannot provide this level of logging we need, do I have to send the logs to an external syslog server and retain the information there?

Thanks in advance.

Community Member

ACS 5.3 & log retention question



You can configure either the primary server or the secondary server to be the  logging server for ACS. Cisco recommends that you configure a secondary ACS  server as the logging server.

Either a primary server or one of the secondary servers can  function as a logging server.

The logging server receives the logs from the primary server  and all the ACS secondary servers in the deployment. Cisco recommends that you  allocate one of the ACS secondary servers as the Monitoring and Report server  and exclude this particular secondary server from the AAA activities.

for more details and configuration, please visit the following link:

CreatePlease to create content